mirror of
https://github.com/openvk/openvk
synced 2024-12-22 16:42:32 +03:00
Fix funny xss thing (not tested sinve since im in hospital 💀)
parent
0f2a88aa68
commit
cf558d57c5
2 changed files with 14 additions and 0 deletions
|
@ -428,6 +428,18 @@ function showIncreaseRatingDialog(coinsCount, userUrl, hash) {
|
|||
};
|
||||
}
|
||||
|
||||
function escapeHtml(text) {
|
||||
var map = {
|
||||
'&': '&',
|
||||
'<': '<',
|
||||
'>': '>',
|
||||
'"': '"',
|
||||
"'": '''
|
||||
};
|
||||
|
||||
return text.replace(/[&<>"']/g, function(m) { return map[m]; });
|
||||
}
|
||||
|
||||
$(document).on("scroll", () => {
|
||||
if($(document).scrollTop() > $(".sidebar").height() + 50) {
|
||||
$(".floating_sidebar")[0].classList.add("show");
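Review bot: `escapeHtml` calls `text.replace` directly, so a `null`, `undefined` or numeric argument throws a TypeError instead of returning an escaped string; coercing first, `return String(text == null ? "" : text).replace(/[&<>"']/g, function(m) { return map[m]; });`, keeps a missing title from breaking the render. The replacement values in `map` show on this page as the raw characters, which looks like the page viewer decoding entities rather than what was committed; since the commit is marked untested, confirm the file maps to `&amp;`, `&lt;`, `&gt;`, `&quot;` and an apostrophe entity. A short comment above the function would also help the next caller: `// Escapes for HTML text and quoted attribute values only; not safe for URLs, unquoted attributes or inline script.`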
|
||||
|
|
|
@ -16,6 +16,8 @@ function _bsdnToHumanTime(time) {
|
|||
}
|
||||
|
||||
function _bsdnTpl(name, author) {
|
||||
name = escapeHtml(name);
|
||||
|
||||
return `
|
||||
<div class="bsdn_contextMenu" style="display: none;">
|
||||
<span class="bsdn_contextMenuElement bsdn_copyVideoUrl">Copy video link to clipboard</span>
|
||||
|
|